Skill v1.0.0
ClawScan security
Norman: Tax Report · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 19, 2026, 6:45 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements mostly match its stated purpose of reviewing and submitting German tax reports, but verify how ELSTER credentials and the referenced 'norman-finance' dependency are provided before using it to file taxes.
- Guidance: This skill appears to do what it says, but before installing: 1) confirm the relationship with the 'norman-finance' skill (SKILL.md references it) and inspect that skill to see where ELSTER/Finanzamt credentials are requested and stored; 2) verify the norman.finance homepage and the publisher's trustworthiness if you'll use it for real filings; 3) because submissions are irreversible, always use the preview step and never proceed unless you explicitly confirm; 4) prefer keeping ELSTER credentials isolated (use a dedicated credential store) and avoid pasting them into chat; 5) note that disable-model-invocation prevents autonomous filing — a helpful safety feature.
Review Dimensions
- Purpose & Capability (note): The name, description, and SKILL.md actions (list_tax_reports, get_tax_report, generate_finanzamt_preview, submit_tax_report via ELSTER, etc.) are coherent for a German tax-reporting helper. SKILL.md also lists an mcp requirement for 'norman-finance', but the registry metadata provided earlier did not list this dependency — this inconsistency should be clarified.
- Instruction Scope (ok): Instructions stay on task: they direct the agent to list reports, show deadlines, preview filings, validate numbers, and only submit after explicit user confirmation. They explicitly warn that submissions are irreversible and require a preview, which narrows scope appropriately. The skill assumes available function calls (provided by a companion skill or runtime) but does not instruct the agent to read unrelated files or system state.
- Install Mechanism (ok): This is an instruction-only skill with no install spec and no code files — minimal footprint and no disk writes or external downloads.
- Credentials (note): The skill declares no required environment variables or credentials itself. However, it references submitting to the Finanzamt via ELSTER and lists 'norman-finance' as a required mcp dependency in SKILL.md. That implies credentials/keys are expected to be provided by the other skill or runtime; you should confirm where ELSTER/Finanzamt credentials (or API tokens) live and whether they are requested/stored by the dependent skill.
- Persistence & Privilege (ok): The skill is not always-on and is user-invocable. Registry flags show disable-model-invocation is true, so it cannot be autonomously invoked by the model — this reduces the risk of unintended automated submissions. It does not request system-wide configuration changes.
